Quiz: Cross-Site Scripting (XSS)

Test what you learned in this lesson before moving on.

Pass with 80% to complete this lesson.

1. Which type of XSS stores the malicious script in the database?

2. What does React do by default to prevent XSS in JSX?

3. Why is 'unsafe-inline' dangerous in a Content Security Policy script-src directive?

4. What is the purpose of the HttpOnly cookie flag in the context of XSS?